Lucene search

K
cve[email protected]CVE-2006-4071
HistoryAug 10, 2006 - 1:04 a.m.

CVE-2006-4071

2006-08-1001:04:00
NVD-CWE-Other
web.nvd.nist.gov
32
cve-2006-4071
sign extension vulnerability
gdi library
windows xp
server 2003
denial of service
application crash
crafted wmf file

6.6 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.165 Low

EPSS

Percentile

95.9%

Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file.

6.6 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.165 Low

EPSS

Percentile

95.9%

Related for CVE-2006-4071